1/* 2 * journal.c --- code for handling the "ext3" journal 3 * 4 * Copyright (C) 2000 Andreas Dilger 5 * Copyright (C) 2000 Theodore Ts'o 6 * 7 * Parts of the code are based on fs/jfs/journal.c by Stephen C. Tweedie 8 * Copyright (C) 1999 Red Hat Software 9 * 10 * This file may be redistributed under the terms of the 11 * GNU General Public License version 2 or at your discretion 12 * any later version. 13 */ 14 15#include "config.h" 16#ifdef HAVE_SYS_MOUNT_H 17#include <sys/param.h> 18#include <sys/mount.h> 19#define MNT_FL (MS_MGC_VAL | MS_RDONLY) 20#endif 21#ifdef HAVE_SYS_STAT_H 22#include <sys/stat.h> 23#endif 24 25#define E2FSCK_INCLUDE_INLINE_FUNCS 26#include "jfs_user.h" 27#include "problem.h" 28#include "uuid/uuid.h" 29 30#ifdef CONFIG_JBD_DEBUG /* Enabled by configure --enable-jfs-debug */ 31static int bh_count = 0; 32#endif 33 34/* 35 * Define USE_INODE_IO to use the inode_io.c / fileio.c codepaths. 36 * This creates a larger static binary, and a smaller binary using 37 * shared libraries. It's also probably slightly less CPU-efficient, 38 * which is why it's not on by default. But, it's a good way of 39 * testing the functions in inode_io.c and fileio.c. 40 */ 41#undef USE_INODE_IO 42 43/* Checksumming functions */ 44static int e2fsck_journal_verify_csum_type(journal_t *j, 45 journal_superblock_t *jsb) 46{ 47 if (!journal_has_csum_v2or3(j)) 48 return 1; 49 50 return jsb->s_checksum_type == JBD2_CRC32C_CHKSUM; 51} 52 53static __u32 e2fsck_journal_sb_csum(journal_superblock_t *jsb) 54{ 55 __u32 crc, old_crc; 56 57 old_crc = jsb->s_checksum; 58 jsb->s_checksum = 0; 59 crc = ext2fs_crc32c_le(~0, (unsigned char *)jsb, 60 sizeof(journal_superblock_t)); 61 jsb->s_checksum = old_crc; 62 63 return crc; 64} 65 66static int e2fsck_journal_sb_csum_verify(journal_t *j, 67 journal_superblock_t *jsb) 68{ 69 __u32 provided, calculated; 70 71 if (!journal_has_csum_v2or3(j)) 72 return 1; 73 74 provided = ext2fs_be32_to_cpu(jsb->s_checksum); 75 calculated = e2fsck_journal_sb_csum(jsb); 76 77 return provided == calculated; 78} 79 80static errcode_t e2fsck_journal_sb_csum_set(journal_t *j, 81 journal_superblock_t *jsb) 82{ 83 __u32 crc; 84 85 if (!journal_has_csum_v2or3(j)) 86 return 0; 87 88 crc = e2fsck_journal_sb_csum(jsb); 89 jsb->s_checksum = ext2fs_cpu_to_be32(crc); 90 return 0; 91} 92 93/* Kernel compatibility functions for handling the journal. These allow us 94 * to use the recovery.c file virtually unchanged from the kernel, so we 95 * don't have to do much to keep kernel and user recovery in sync. 96 */ 97int journal_bmap(journal_t *journal, blk64_t block, unsigned long long *phys) 98{ 99#ifdef USE_INODE_IO 100 *phys = block; 101 return 0; 102#else 103 struct inode *inode = journal->j_inode; 104 errcode_t retval; 105 blk64_t pblk; 106 107 if (!inode) { 108 *phys = block; 109 return 0; 110 } 111 112 retval= ext2fs_bmap2(inode->i_ctx->fs, inode->i_ino, 113 &inode->i_ext2, NULL, 0, block, 0, &pblk); 114 *phys = pblk; 115 return (int) retval; 116#endif 117} 118 119struct buffer_head *getblk(kdev_t kdev, blk64_t blocknr, int blocksize) 120{ 121 struct buffer_head *bh; 122 int bufsize = sizeof(*bh) + kdev->k_ctx->fs->blocksize - 123 sizeof(bh->b_data); 124 125 bh = e2fsck_allocate_memory(kdev->k_ctx, bufsize, "block buffer"); 126 if (!bh) 127 return NULL; 128 129#ifdef CONFIG_JBD_DEBUG 130 if (journal_enable_debug >= 3) 131 bh_count++; 132#endif 133 jfs_debug(4, "getblk for block %llu (%d bytes)(total %d)\n", 134 (unsigned long long) blocknr, blocksize, bh_count); 135 136 bh->b_ctx = kdev->k_ctx; 137 if (kdev->k_dev == K_DEV_FS) 138 bh->b_io = kdev->k_ctx->fs->io; 139 else 140 bh->b_io = kdev->k_ctx->journal_io; 141 bh->b_size = blocksize; 142 bh->b_blocknr = blocknr; 143 144 return bh; 145} 146 147int sync_blockdev(kdev_t kdev) 148{ 149 io_channel io; 150 151 if (kdev->k_dev == K_DEV_FS) 152 io = kdev->k_ctx->fs->io; 153 else 154 io = kdev->k_ctx->journal_io; 155 156 return io_channel_flush(io) ? EIO : 0; 157} 158 159void ll_rw_block(int rw, int nr, struct buffer_head *bhp[]) 160{ 161 errcode_t retval; 162 struct buffer_head *bh; 163 164 for (; nr > 0; --nr) { 165 bh = *bhp++; 166 if (rw == READ && !bh->b_uptodate) { 167 jfs_debug(3, "reading block %llu/%p\n", 168 bh->b_blocknr, (void *) bh); 169 retval = io_channel_read_blk64(bh->b_io, 170 bh->b_blocknr, 171 1, bh->b_data); 172 if (retval) { 173 com_err(bh->b_ctx->device_name, retval, 174 "while reading block %llu\n", 175 bh->b_blocknr); 176 bh->b_err = (int) retval; 177 continue; 178 } 179 bh->b_uptodate = 1; 180 } else if (rw == WRITE && bh->b_dirty) { 181 jfs_debug(3, "writing block %llu/%p\n", 182 bh->b_blocknr, 183 (void *) bh); 184 retval = io_channel_write_blk64(bh->b_io, 185 bh->b_blocknr, 186 1, bh->b_data); 187 if (retval) { 188 com_err(bh->b_ctx->device_name, retval, 189 "while writing block %llu\n", 190 bh->b_blocknr); 191 bh->b_err = (int) retval; 192 continue; 193 } 194 bh->b_dirty = 0; 195 bh->b_uptodate = 1; 196 } else { 197 jfs_debug(3, "no-op %s for block %llu\n", 198 rw == READ ? "read" : "write", 199 bh->b_blocknr); 200 } 201 } 202} 203 204void mark_buffer_dirty(struct buffer_head *bh) 205{ 206 bh->b_dirty = 1; 207} 208 209static void mark_buffer_clean(struct buffer_head * bh) 210{ 211 bh->b_dirty = 0; 212} 213 214void brelse(struct buffer_head *bh) 215{ 216 if (bh->b_dirty) 217 ll_rw_block(WRITE, 1, &bh); 218 jfs_debug(3, "freeing block %llu/%p (total %d)\n", 219 bh->b_blocknr, (void *) bh, --bh_count); 220 ext2fs_free_mem(&bh); 221} 222 223int buffer_uptodate(struct buffer_head *bh) 224{ 225 return bh->b_uptodate; 226} 227 228void mark_buffer_uptodate(struct buffer_head *bh, int val) 229{ 230 bh->b_uptodate = val; 231} 232 233void wait_on_buffer(struct buffer_head *bh) 234{ 235 if (!bh->b_uptodate) 236 ll_rw_block(READ, 1, &bh); 237} 238 239 240static void e2fsck_clear_recover(e2fsck_t ctx, int error) 241{ 242 ext2fs_clear_feature_journal_needs_recovery(ctx->fs->super); 243 244 /* if we had an error doing journal recovery, we need a full fsck */ 245 if (error) 246 ctx->fs->super->s_state &= ~EXT2_VALID_FS; 247 ext2fs_mark_super_dirty(ctx->fs); 248} 249 250/* 251 * This is a helper function to check the validity of the journal. 252 */ 253struct process_block_struct { 254 e2_blkcnt_t last_block; 255}; 256 257static int process_journal_block(ext2_filsys fs, 258 blk64_t *block_nr, 259 e2_blkcnt_t blockcnt, 260 blk64_t ref_block EXT2FS_ATTR((unused)), 261 int ref_offset EXT2FS_ATTR((unused)), 262 void *priv_data) 263{ 264 struct process_block_struct *p; 265 blk64_t blk = *block_nr; 266 267 p = (struct process_block_struct *) priv_data; 268 269 if (!blk || blk < fs->super->s_first_data_block || 270 blk >= ext2fs_blocks_count(fs->super)) 271 return BLOCK_ABORT; 272 273 if (blockcnt >= 0) 274 p->last_block = blockcnt; 275 return 0; 276} 277 278static errcode_t e2fsck_get_journal(e2fsck_t ctx, journal_t **ret_journal) 279{ 280 struct process_block_struct pb; 281 struct ext2_super_block *sb = ctx->fs->super; 282 struct ext2_super_block jsuper; 283 struct problem_context pctx; 284 struct buffer_head *bh; 285 struct inode *j_inode = NULL; 286 struct kdev_s *dev_fs = NULL, *dev_journal; 287 const char *journal_name = 0; 288 journal_t *journal = NULL; 289 errcode_t retval = 0; 290 io_manager io_ptr = 0; 291 unsigned long long start = 0; 292 int ext_journal = 0; 293 int tried_backup_jnl = 0; 294 295 clear_problem_context(&pctx); 296 297 journal = e2fsck_allocate_memory(ctx, sizeof(journal_t), "journal"); 298 if (!journal) { 299 return EXT2_ET_NO_MEMORY; 300 } 301 302 dev_fs = e2fsck_allocate_memory(ctx, 2*sizeof(struct kdev_s), "kdev"); 303 if (!dev_fs) { 304 retval = EXT2_ET_NO_MEMORY; 305 goto errout; 306 } 307 dev_journal = dev_fs+1; 308 309 dev_fs->k_ctx = dev_journal->k_ctx = ctx; 310 dev_fs->k_dev = K_DEV_FS; 311 dev_journal->k_dev = K_DEV_JOURNAL; 312 313 journal->j_dev = dev_journal; 314 journal->j_fs_dev = dev_fs; 315 journal->j_inode = NULL; 316 journal->j_blocksize = ctx->fs->blocksize; 317 318 if (uuid_is_null(sb->s_journal_uuid)) { 319 if (!sb->s_journal_inum) { 320 retval = EXT2_ET_BAD_INODE_NUM; 321 goto errout; 322 } 323 j_inode = e2fsck_allocate_memory(ctx, sizeof(*j_inode), 324 "journal inode"); 325 if (!j_inode) { 326 retval = EXT2_ET_NO_MEMORY; 327 goto errout; 328 } 329 330 j_inode->i_ctx = ctx; 331 j_inode->i_ino = sb->s_journal_inum; 332 333 if ((retval = ext2fs_read_inode(ctx->fs, 334 sb->s_journal_inum, 335 &j_inode->i_ext2))) { 336 try_backup_journal: 337 if (sb->s_jnl_backup_type != EXT3_JNL_BACKUP_BLOCKS || 338 tried_backup_jnl) 339 goto errout; 340 memset(&j_inode->i_ext2, 0, sizeof(struct ext2_inode)); 341 memcpy(&j_inode->i_ext2.i_block[0], sb->s_jnl_blocks, 342 EXT2_N_BLOCKS*4); 343 j_inode->i_ext2.i_size_high = sb->s_jnl_blocks[15]; 344 j_inode->i_ext2.i_size = sb->s_jnl_blocks[16]; 345 j_inode->i_ext2.i_links_count = 1; 346 j_inode->i_ext2.i_mode = LINUX_S_IFREG | 0600; 347 e2fsck_use_inode_shortcuts(ctx, 1); 348 ctx->stashed_ino = j_inode->i_ino; 349 ctx->stashed_inode = &j_inode->i_ext2; 350 tried_backup_jnl++; 351 } 352 if (!j_inode->i_ext2.i_links_count || 353 !LINUX_S_ISREG(j_inode->i_ext2.i_mode)) { 354 retval = EXT2_ET_NO_JOURNAL; 355 goto try_backup_journal; 356 } 357 if (EXT2_I_SIZE(&j_inode->i_ext2) / journal->j_blocksize < 358 JFS_MIN_JOURNAL_BLOCKS) { 359 retval = EXT2_ET_JOURNAL_TOO_SMALL; 360 goto try_backup_journal; 361 } 362 pb.last_block = -1; 363 retval = ext2fs_block_iterate3(ctx->fs, j_inode->i_ino, 364 BLOCK_FLAG_HOLE, 0, 365 process_journal_block, &pb); 366 if ((pb.last_block + 1) * ctx->fs->blocksize < 367 (int) EXT2_I_SIZE(&j_inode->i_ext2)) { 368 retval = EXT2_ET_JOURNAL_TOO_SMALL; 369 goto try_backup_journal; 370 } 371 if (tried_backup_jnl && !(ctx->options & E2F_OPT_READONLY)) { 372 retval = ext2fs_write_inode(ctx->fs, sb->s_journal_inum, 373 &j_inode->i_ext2); 374 if (retval) 375 goto errout; 376 } 377 378 journal->j_maxlen = EXT2_I_SIZE(&j_inode->i_ext2) / 379 journal->j_blocksize; 380 381#ifdef USE_INODE_IO 382 retval = ext2fs_inode_io_intern2(ctx->fs, sb->s_journal_inum, 383 &j_inode->i_ext2, 384 &journal_name); 385 if (retval) 386 goto errout; 387 388 io_ptr = inode_io_manager; 389#else 390 journal->j_inode = j_inode; 391 ctx->journal_io = ctx->fs->io; 392 if ((retval = (errcode_t) journal_bmap(journal, 0, &start)) != 0) 393 goto errout; 394#endif 395 } else { 396 ext_journal = 1; 397 if (!ctx->journal_name) { 398 char uuid[37]; 399 400 uuid_unparse(sb->s_journal_uuid, uuid); 401 ctx->journal_name = blkid_get_devname(ctx->blkid, 402 "UUID", uuid); 403 if (!ctx->journal_name) 404 ctx->journal_name = blkid_devno_to_devname(sb->s_journal_dev); 405 } 406 journal_name = ctx->journal_name; 407 408 if (!journal_name) { 409 fix_problem(ctx, PR_0_CANT_FIND_JOURNAL, &pctx); 410 retval = EXT2_ET_LOAD_EXT_JOURNAL; 411 goto errout; 412 } 413 414 jfs_debug(1, "Using journal file %s\n", journal_name); 415 io_ptr = unix_io_manager; 416 } 417 418#if 0 419 test_io_backing_manager = io_ptr; 420 io_ptr = test_io_manager; 421#endif 422#ifndef USE_INODE_IO 423 if (ext_journal) 424#endif 425 { 426 int flags = IO_FLAG_RW; 427 if (!(ctx->mount_flags & EXT2_MF_ISROOT && 428 ctx->mount_flags & EXT2_MF_READONLY)) 429 flags |= IO_FLAG_EXCLUSIVE; 430 if ((ctx->mount_flags & EXT2_MF_READONLY) && 431 (ctx->options & E2F_OPT_FORCE)) 432 flags &= ~IO_FLAG_EXCLUSIVE; 433 434 435 retval = io_ptr->open(journal_name, flags, 436 &ctx->journal_io); 437 } 438 if (retval) 439 goto errout; 440 441 io_channel_set_blksize(ctx->journal_io, ctx->fs->blocksize); 442 443 if (ext_journal) { 444 blk64_t maxlen; 445 446 start = ext2fs_journal_sb_start(ctx->fs->blocksize) - 1; 447 bh = getblk(dev_journal, start, ctx->fs->blocksize); 448 if (!bh) { 449 retval = EXT2_ET_NO_MEMORY; 450 goto errout; 451 } 452 ll_rw_block(READ, 1, &bh); 453 if ((retval = bh->b_err) != 0) { 454 brelse(bh); 455 goto errout; 456 } 457 memcpy(&jsuper, start ? bh->b_data : bh->b_data + SUPERBLOCK_OFFSET, 458 sizeof(jsuper)); 459#ifdef WORDS_BIGENDIAN 460 if (jsuper.s_magic == ext2fs_swab16(EXT2_SUPER_MAGIC)) 461 ext2fs_swap_super(&jsuper); 462#endif 463 if (jsuper.s_magic != EXT2_SUPER_MAGIC || 464 !ext2fs_has_feature_journal_dev(&jsuper)) { 465 fix_problem(ctx, PR_0_EXT_JOURNAL_BAD_SUPER, &pctx); 466 retval = EXT2_ET_LOAD_EXT_JOURNAL; 467 brelse(bh); 468 goto errout; 469 } 470 /* Make sure the journal UUID is correct */ 471 if (memcmp(jsuper.s_uuid, ctx->fs->super->s_journal_uuid, 472 sizeof(jsuper.s_uuid))) { 473 fix_problem(ctx, PR_0_JOURNAL_BAD_UUID, &pctx); 474 retval = EXT2_ET_LOAD_EXT_JOURNAL; 475 brelse(bh); 476 goto errout; 477 } 478 479 /* Check the superblock checksum */ 480 if (ext2fs_has_feature_metadata_csum(&jsuper)) { 481 struct struct_ext2_filsys fsx; 482 struct ext2_super_block superx; 483 void *p; 484 485 p = start ? bh->b_data : bh->b_data + SUPERBLOCK_OFFSET; 486 memcpy(&fsx, ctx->fs, sizeof(fsx)); 487 memcpy(&superx, ctx->fs->super, sizeof(superx)); 488 fsx.super = &superx; 489 ext2fs_set_feature_metadata_csum(fsx.super); 490 if (!ext2fs_superblock_csum_verify(&fsx, p) && 491 fix_problem(ctx, PR_0_EXT_JOURNAL_SUPER_CSUM_INVALID, 492 &pctx)) { 493 ext2fs_superblock_csum_set(&fsx, p); 494 mark_buffer_dirty(bh); 495 } 496 } 497 brelse(bh); 498 499 maxlen = ext2fs_blocks_count(&jsuper); 500 journal->j_maxlen = (maxlen < 1ULL << 32) ? maxlen : (1ULL << 32) - 1; 501 start++; 502 } 503 504 if (!(bh = getblk(dev_journal, start, journal->j_blocksize))) { 505 retval = EXT2_ET_NO_MEMORY; 506 goto errout; 507 } 508 509 journal->j_sb_buffer = bh; 510 journal->j_superblock = (journal_superblock_t *)bh->b_data; 511 512#ifdef USE_INODE_IO 513 if (j_inode) 514 ext2fs_free_mem(&j_inode); 515#endif 516 517 *ret_journal = journal; 518 e2fsck_use_inode_shortcuts(ctx, 0); 519 return 0; 520 521errout: 522 e2fsck_use_inode_shortcuts(ctx, 0); 523 if (dev_fs) 524 ext2fs_free_mem(&dev_fs); 525 if (j_inode) 526 ext2fs_free_mem(&j_inode); 527 if (journal) 528 ext2fs_free_mem(&journal); 529 return retval; 530} 531 532static errcode_t e2fsck_journal_fix_bad_inode(e2fsck_t ctx, 533 struct problem_context *pctx) 534{ 535 struct ext2_super_block *sb = ctx->fs->super; 536 int recover = ext2fs_has_feature_journal_needs_recovery(ctx->fs->super); 537 int has_journal = ext2fs_has_feature_journal(ctx->fs->super); 538 539 if (has_journal || sb->s_journal_inum) { 540 /* The journal inode is bogus, remove and force full fsck */ 541 pctx->ino = sb->s_journal_inum; 542 if (fix_problem(ctx, PR_0_JOURNAL_BAD_INODE, pctx)) { 543 if (has_journal && sb->s_journal_inum) 544 printf("*** journal has been deleted ***\n\n"); 545 ext2fs_clear_feature_journal(sb); 546 sb->s_journal_inum = 0; 547 memset(sb->s_jnl_blocks, 0, sizeof(sb->s_jnl_blocks)); 548 ctx->flags |= E2F_FLAG_JOURNAL_INODE; 549 ctx->fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY; 550 e2fsck_clear_recover(ctx, 1); 551 return 0; 552 } 553 return EXT2_ET_CORRUPT_JOURNAL_SB; 554 } else if (recover) { 555 if (fix_problem(ctx, PR_0_JOURNAL_RECOVER_SET, pctx)) { 556 e2fsck_clear_recover(ctx, 1); 557 return 0; 558 } 559 return EXT2_ET_UNSUPP_FEATURE; 560 } 561 return 0; 562} 563 564#define V1_SB_SIZE 0x0024 565static void clear_v2_journal_fields(journal_t *journal) 566{ 567 e2fsck_t ctx = journal->j_dev->k_ctx; 568 struct problem_context pctx; 569 570 clear_problem_context(&pctx); 571 572 if (!fix_problem(ctx, PR_0_CLEAR_V2_JOURNAL, &pctx)) 573 return; 574 575 ctx->flags |= E2F_FLAG_PROBLEMS_FIXED; 576 memset(((char *) journal->j_superblock) + V1_SB_SIZE, 0, 577 ctx->fs->blocksize-V1_SB_SIZE); 578 mark_buffer_dirty(journal->j_sb_buffer); 579} 580 581 582static errcode_t e2fsck_journal_load(journal_t *journal) 583{ 584 e2fsck_t ctx = journal->j_dev->k_ctx; 585 journal_superblock_t *jsb; 586 struct buffer_head *jbh = journal->j_sb_buffer; 587 struct problem_context pctx; 588 589 clear_problem_context(&pctx); 590 591 ll_rw_block(READ, 1, &jbh); 592 if (jbh->b_err) { 593 com_err(ctx->device_name, jbh->b_err, "%s", 594 _("reading journal superblock\n")); 595 return jbh->b_err; 596 } 597 598 jsb = journal->j_superblock; 599 /* If we don't even have JFS_MAGIC, we probably have a wrong inode */ 600 if (jsb->s_header.h_magic != htonl(JFS_MAGIC_NUMBER)) 601 return e2fsck_journal_fix_bad_inode(ctx, &pctx); 602 603 switch (ntohl(jsb->s_header.h_blocktype)) { 604 case JFS_SUPERBLOCK_V1: 605 journal->j_format_version = 1; 606 if (jsb->s_feature_compat || 607 jsb->s_feature_incompat || 608 jsb->s_feature_ro_compat || 609 jsb->s_nr_users) 610 clear_v2_journal_fields(journal); 611 break; 612 613 case JFS_SUPERBLOCK_V2: 614 journal->j_format_version = 2; 615 if (ntohl(jsb->s_nr_users) > 1 && 616 uuid_is_null(ctx->fs->super->s_journal_uuid)) 617 clear_v2_journal_fields(journal); 618 if (ntohl(jsb->s_nr_users) > 1) { 619 fix_problem(ctx, PR_0_JOURNAL_UNSUPP_MULTIFS, &pctx); 620 return EXT2_ET_JOURNAL_UNSUPP_VERSION; 621 } 622 break; 623 624 /* 625 * These should never appear in a journal super block, so if 626 * they do, the journal is badly corrupted. 627 */ 628 case JFS_DESCRIPTOR_BLOCK: 629 case JFS_COMMIT_BLOCK: 630 case JFS_REVOKE_BLOCK: 631 return EXT2_ET_CORRUPT_JOURNAL_SB; 632 633 /* If we don't understand the superblock major type, but there 634 * is a magic number, then it is likely to be a new format we 635 * just don't understand, so leave it alone. */ 636 default: 637 return EXT2_ET_JOURNAL_UNSUPP_VERSION; 638 } 639 640 if (JFS_HAS_INCOMPAT_FEATURE(journal, ~JFS_KNOWN_INCOMPAT_FEATURES)) 641 return EXT2_ET_UNSUPP_FEATURE; 642 643 if (JFS_HAS_RO_COMPAT_FEATURE(journal, ~JFS_KNOWN_ROCOMPAT_FEATURES)) 644 return EXT2_ET_RO_UNSUPP_FEATURE; 645 646 /* Checksum v1-3 are mutually exclusive features. */ 647 if (jfs_has_feature_csum2(journal) && jfs_has_feature_csum3(journal)) 648 return EXT2_ET_CORRUPT_JOURNAL_SB; 649 650 if (journal_has_csum_v2or3(journal) && 651 jfs_has_feature_checksum(journal)) 652 return EXT2_ET_CORRUPT_JOURNAL_SB; 653 654 if (!e2fsck_journal_verify_csum_type(journal, jsb) || 655 !e2fsck_journal_sb_csum_verify(journal, jsb)) 656 return EXT2_ET_CORRUPT_JOURNAL_SB; 657 658 if (journal_has_csum_v2or3(journal)) 659 journal->j_csum_seed = jbd2_chksum(journal, ~0, jsb->s_uuid, 660 sizeof(jsb->s_uuid)); 661 662 /* We have now checked whether we know enough about the journal 663 * format to be able to proceed safely, so any other checks that 664 * fail we should attempt to recover from. */ 665 if (jsb->s_blocksize != htonl(journal->j_blocksize)) { 666 com_err(ctx->program_name, EXT2_ET_CORRUPT_JOURNAL_SB, 667 _("%s: no valid journal superblock found\n"), 668 ctx->device_name); 669 return EXT2_ET_CORRUPT_JOURNAL_SB; 670 } 671 672 if (ntohl(jsb->s_maxlen) < journal->j_maxlen) 673 journal->j_maxlen = ntohl(jsb->s_maxlen); 674 else if (ntohl(jsb->s_maxlen) > journal->j_maxlen) { 675 com_err(ctx->program_name, EXT2_ET_CORRUPT_JOURNAL_SB, 676 _("%s: journal too short\n"), 677 ctx->device_name); 678 return EXT2_ET_CORRUPT_JOURNAL_SB; 679 } 680 681 journal->j_tail_sequence = ntohl(jsb->s_sequence); 682 journal->j_transaction_sequence = journal->j_tail_sequence; 683 journal->j_tail = ntohl(jsb->s_start); 684 journal->j_first = ntohl(jsb->s_first); 685 journal->j_last = ntohl(jsb->s_maxlen); 686 687 return 0; 688} 689 690static void e2fsck_journal_reset_super(e2fsck_t ctx, journal_superblock_t *jsb, 691 journal_t *journal) 692{ 693 char *p; 694 union { 695 uuid_t uuid; 696 __u32 val[4]; 697 } u; 698 __u32 new_seq = 0; 699 int i; 700 701 /* Leave a valid existing V1 superblock signature alone. 702 * Anything unrecognisable we overwrite with a new V2 703 * signature. */ 704 705 if (jsb->s_header.h_magic != htonl(JFS_MAGIC_NUMBER) || 706 jsb->s_header.h_blocktype != htonl(JFS_SUPERBLOCK_V1)) { 707 jsb->s_header.h_magic = htonl(JFS_MAGIC_NUMBER); 708 jsb->s_header.h_blocktype = htonl(JFS_SUPERBLOCK_V2); 709 } 710 711 /* Zero out everything else beyond the superblock header */ 712 713 p = ((char *) jsb) + sizeof(journal_header_t); 714 memset (p, 0, ctx->fs->blocksize-sizeof(journal_header_t)); 715 716 jsb->s_blocksize = htonl(ctx->fs->blocksize); 717 jsb->s_maxlen = htonl(journal->j_maxlen); 718 jsb->s_first = htonl(1); 719 720 /* Initialize the journal sequence number so that there is "no" 721 * chance we will find old "valid" transactions in the journal. 722 * This avoids the need to zero the whole journal (slow to do, 723 * and risky when we are just recovering the filesystem). 724 */ 725 uuid_generate(u.uuid); 726 for (i = 0; i < 4; i ++) 727 new_seq ^= u.val[i]; 728 jsb->s_sequence = htonl(new_seq); 729 e2fsck_journal_sb_csum_set(journal, jsb); 730 731 mark_buffer_dirty(journal->j_sb_buffer); 732 ll_rw_block(WRITE, 1, &journal->j_sb_buffer); 733} 734 735static errcode_t e2fsck_journal_fix_corrupt_super(e2fsck_t ctx, 736 journal_t *journal, 737 struct problem_context *pctx) 738{ 739 struct ext2_super_block *sb = ctx->fs->super; 740 int recover = ext2fs_has_feature_journal_needs_recovery(ctx->fs->super); 741 742 if (ext2fs_has_feature_journal(sb)) { 743 if (fix_problem(ctx, PR_0_JOURNAL_BAD_SUPER, pctx)) { 744 e2fsck_journal_reset_super(ctx, journal->j_superblock, 745 journal); 746 journal->j_transaction_sequence = 1; 747 e2fsck_clear_recover(ctx, recover); 748 return 0; 749 } 750 return EXT2_ET_CORRUPT_JOURNAL_SB; 751 } else if (e2fsck_journal_fix_bad_inode(ctx, pctx)) 752 return EXT2_ET_CORRUPT_JOURNAL_SB; 753 754 return 0; 755} 756 757static void e2fsck_journal_release(e2fsck_t ctx, journal_t *journal, 758 int reset, int drop) 759{ 760 journal_superblock_t *jsb; 761 762 if (drop) 763 mark_buffer_clean(journal->j_sb_buffer); 764 else if (!(ctx->options & E2F_OPT_READONLY)) { 765 jsb = journal->j_superblock; 766 jsb->s_sequence = htonl(journal->j_tail_sequence); 767 if (reset) 768 jsb->s_start = 0; /* this marks the journal as empty */ 769 e2fsck_journal_sb_csum_set(journal, jsb); 770 mark_buffer_dirty(journal->j_sb_buffer); 771 } 772 brelse(journal->j_sb_buffer); 773 774 if (ctx->journal_io) { 775 if (ctx->fs && ctx->fs->io != ctx->journal_io) 776 io_channel_close(ctx->journal_io); 777 ctx->journal_io = 0; 778 } 779 780#ifndef USE_INODE_IO 781 if (journal->j_inode) 782 ext2fs_free_mem(&journal->j_inode); 783#endif 784 if (journal->j_fs_dev) 785 ext2fs_free_mem(&journal->j_fs_dev); 786 ext2fs_free_mem(&journal); 787} 788 789/* 790 * This function makes sure that the superblock fields regarding the 791 * journal are consistent. 792 */ 793errcode_t e2fsck_check_ext3_journal(e2fsck_t ctx) 794{ 795 struct ext2_super_block *sb = ctx->fs->super; 796 journal_t *journal; 797 int recover = ext2fs_has_feature_journal_needs_recovery(ctx->fs->super); 798 struct problem_context pctx; 799 problem_t problem; 800 int reset = 0, force_fsck = 0; 801 errcode_t retval; 802 803 /* If we don't have any journal features, don't do anything more */ 804 if (!ext2fs_has_feature_journal(sb) && 805 !recover && sb->s_journal_inum == 0 && sb->s_journal_dev == 0 && 806 uuid_is_null(sb->s_journal_uuid)) 807 return 0; 808 809 clear_problem_context(&pctx); 810 pctx.num = sb->s_journal_inum; 811 812 retval = e2fsck_get_journal(ctx, &journal); 813 if (retval) { 814 if ((retval == EXT2_ET_BAD_INODE_NUM) || 815 (retval == EXT2_ET_BAD_BLOCK_NUM) || 816 (retval == EXT2_ET_JOURNAL_TOO_SMALL) || 817 (retval == EXT2_ET_NO_JOURNAL)) 818 return e2fsck_journal_fix_bad_inode(ctx, &pctx); 819 return retval; 820 } 821 822 retval = e2fsck_journal_load(journal); 823 if (retval) { 824 if ((retval == EXT2_ET_CORRUPT_JOURNAL_SB) || 825 ((retval == EXT2_ET_UNSUPP_FEATURE) && 826 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_INCOMPAT, 827 &pctx))) || 828 ((retval == EXT2_ET_RO_UNSUPP_FEATURE) && 829 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_ROCOMPAT, 830 &pctx))) || 831 ((retval == EXT2_ET_JOURNAL_UNSUPP_VERSION) && 832 (!fix_problem(ctx, PR_0_JOURNAL_UNSUPP_VERSION, &pctx)))) 833 retval = e2fsck_journal_fix_corrupt_super(ctx, journal, 834 &pctx); 835 e2fsck_journal_release(ctx, journal, 0, 1); 836 return retval; 837 } 838 839 /* 840 * We want to make the flags consistent here. We will not leave with 841 * needs_recovery set but has_journal clear. We can't get in a loop 842 * with -y, -n, or -p, only if a user isn't making up their mind. 843 */ 844no_has_journal: 845 if (!ext2fs_has_feature_journal(sb)) { 846 recover = ext2fs_has_feature_journal_needs_recovery(sb); 847 if (fix_problem(ctx, PR_0_JOURNAL_HAS_JOURNAL, &pctx)) { 848 if (recover && 849 !fix_problem(ctx, PR_0_JOURNAL_RECOVER_SET, &pctx)) 850 goto no_has_journal; 851 /* 852 * Need a full fsck if we are releasing a 853 * journal stored on a reserved inode. 854 */ 855 force_fsck = recover || 856 (sb->s_journal_inum < EXT2_FIRST_INODE(sb)); 857 /* Clear all of the journal fields */ 858 sb->s_journal_inum = 0; 859 sb->s_journal_dev = 0; 860 memset(sb->s_journal_uuid, 0, 861 sizeof(sb->s_journal_uuid)); 862 e2fsck_clear_recover(ctx, force_fsck); 863 } else if (!(ctx->options & E2F_OPT_READONLY)) { 864 ext2fs_set_feature_journal(sb); 865 ctx->fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY; 866 ext2fs_mark_super_dirty(ctx->fs); 867 } 868 } 869 870 if (ext2fs_has_feature_journal(sb) && 871 !ext2fs_has_feature_journal_needs_recovery(sb) && 872 journal->j_superblock->s_start != 0) { 873 /* Print status information */ 874 fix_problem(ctx, PR_0_JOURNAL_RECOVERY_CLEAR, &pctx); 875 if (ctx->superblock) 876 problem = PR_0_JOURNAL_RUN_DEFAULT; 877 else 878 problem = PR_0_JOURNAL_RUN; 879 if (fix_problem(ctx, problem, &pctx)) { 880 ctx->options |= E2F_OPT_FORCE; 881 ext2fs_set_feature_journal_needs_recovery(sb); 882 ext2fs_mark_super_dirty(ctx->fs); 883 } else if (fix_problem(ctx, 884 PR_0_JOURNAL_RESET_JOURNAL, &pctx)) { 885 reset = 1; 886 sb->s_state &= ~EXT2_VALID_FS; 887 ext2fs_mark_super_dirty(ctx->fs); 888 } 889 /* 890 * If the user answers no to the above question, we 891 * ignore the fact that journal apparently has data; 892 * accidentally replaying over valid data would be far 893 * worse than skipping a questionable recovery. 894 * 895 * XXX should we abort with a fatal error here? What 896 * will the ext3 kernel code do if a filesystem with 897 * !NEEDS_RECOVERY but with a non-zero 898 * journal->j_superblock->s_start is mounted? 899 */ 900 } 901 902 /* 903 * If we don't need to do replay the journal, check to see if 904 * the journal's errno is set; if so, we need to mark the file 905 * system as being corrupt and clear the journal's s_errno. 906 */ 907 if (!ext2fs_has_feature_journal_needs_recovery(sb) && 908 journal->j_superblock->s_errno) { 909 ctx->fs->super->s_state |= EXT2_ERROR_FS; 910 ext2fs_mark_super_dirty(ctx->fs); 911 journal->j_superblock->s_errno = 0; 912 e2fsck_journal_sb_csum_set(journal, journal->j_superblock); 913 mark_buffer_dirty(journal->j_sb_buffer); 914 } 915 916 e2fsck_journal_release(ctx, journal, reset, 0); 917 return retval; 918} 919 920static errcode_t recover_ext3_journal(e2fsck_t ctx) 921{ 922 struct problem_context pctx; 923 journal_t *journal; 924 errcode_t retval; 925 926 clear_problem_context(&pctx); 927 928 journal_init_revoke_caches(); 929 retval = e2fsck_get_journal(ctx, &journal); 930 if (retval) 931 return retval; 932 933 retval = e2fsck_journal_load(journal); 934 if (retval) 935 goto errout; 936 937 retval = journal_init_revoke(journal, 1024); 938 if (retval) 939 goto errout; 940 941 retval = -journal_recover(journal); 942 if (retval) 943 goto errout; 944 945 if (journal->j_failed_commit) { 946 pctx.ino = journal->j_failed_commit; 947 fix_problem(ctx, PR_0_JNL_TXN_CORRUPT, &pctx); 948 journal->j_superblock->s_errno = -EINVAL; 949 mark_buffer_dirty(journal->j_sb_buffer); 950 } 951 952 journal->j_tail_sequence = journal->j_transaction_sequence; 953 954errout: 955 journal_destroy_revoke(journal); 956 journal_destroy_revoke_caches(); 957 e2fsck_journal_release(ctx, journal, 1, 0); 958 return retval; 959} 960 961errcode_t e2fsck_run_ext3_journal(e2fsck_t ctx) 962{ 963 io_manager io_ptr = ctx->fs->io->manager; 964 int blocksize = ctx->fs->blocksize; 965 errcode_t retval, recover_retval; 966 io_stats stats = 0; 967 unsigned long long kbytes_written = 0; 968 969 printf(_("%s: recovering journal\n"), ctx->device_name); 970 if (ctx->options & E2F_OPT_READONLY) { 971 printf(_("%s: won't do journal recovery while read-only\n"), 972 ctx->device_name); 973 return EXT2_ET_FILE_RO; 974 } 975 976 if (ctx->fs->flags & EXT2_FLAG_DIRTY) 977 ext2fs_flush(ctx->fs); /* Force out any modifications */ 978 979 recover_retval = recover_ext3_journal(ctx); 980 981 /* 982 * Reload the filesystem context to get up-to-date data from disk 983 * because journal recovery will change the filesystem under us. 984 */ 985 if (ctx->fs->super->s_kbytes_written && 986 ctx->fs->io->manager->get_stats) 987 ctx->fs->io->manager->get_stats(ctx->fs->io, &stats); 988 if (stats && stats->bytes_written) 989 kbytes_written = stats->bytes_written >> 10; 990 991 ext2fs_mmp_stop(ctx->fs); 992 ext2fs_free(ctx->fs); 993 retval = ext2fs_open(ctx->filesystem_name, ctx->openfs_flags, 994 ctx->superblock, blocksize, io_ptr, 995 &ctx->fs); 996 if (retval) { 997 com_err(ctx->program_name, retval, 998 _("while trying to re-open %s"), 999 ctx->device_name); 1000 fatal_error(ctx, 0); 1001 } 1002 ctx->fs->priv_data = ctx; 1003 ctx->fs->now = ctx->now; 1004 ctx->fs->flags |= EXT2_FLAG_MASTER_SB_ONLY; 1005 ctx->fs->super->s_kbytes_written += kbytes_written; 1006 1007 /* Set the superblock flags */ 1008 e2fsck_clear_recover(ctx, recover_retval != 0); 1009 1010 /* 1011 * Do one last sanity check, and propagate journal->s_errno to 1012 * the EXT2_ERROR_FS flag in the fs superblock if needed. 1013 */ 1014 retval = e2fsck_check_ext3_journal(ctx); 1015 return retval ? retval : recover_retval; 1016} 1017 1018/* 1019 * This function will move the journal inode from a visible file in 1020 * the filesystem directory hierarchy to the reserved inode if necessary. 1021 */ 1022static const char * const journal_names[] = { 1023 ".journal", "journal", ".journal.dat", "journal.dat", 0 }; 1024 1025void e2fsck_move_ext3_journal(e2fsck_t ctx) 1026{ 1027 struct ext2_super_block *sb = ctx->fs->super; 1028 struct problem_context pctx; 1029 struct ext2_inode inode; 1030 ext2_filsys fs = ctx->fs; 1031 ext2_ino_t ino; 1032 errcode_t retval; 1033 const char * const * cpp; 1034 dgrp_t group; 1035 int mount_flags; 1036 1037 clear_problem_context(&pctx); 1038 1039 /* 1040 * If the filesystem is opened read-only, or there is no 1041 * journal, then do nothing. 1042 */ 1043 if ((ctx->options & E2F_OPT_READONLY) || 1044 (sb->s_journal_inum == 0) || 1045 !ext2fs_has_feature_journal(sb)) 1046 return; 1047 1048 /* 1049 * Read in the journal inode 1050 */ 1051 if (ext2fs_read_inode(fs, sb->s_journal_inum, &inode) != 0) 1052 return; 1053 1054 /* 1055 * If it's necessary to backup the journal inode, do so. 1056 */ 1057 if ((sb->s_jnl_backup_type == 0) || 1058 ((sb->s_jnl_backup_type == EXT3_JNL_BACKUP_BLOCKS) && 1059 memcmp(inode.i_block, sb->s_jnl_blocks, EXT2_N_BLOCKS*4))) { 1060 if (fix_problem(ctx, PR_0_BACKUP_JNL, &pctx)) { 1061 memcpy(sb->s_jnl_blocks, inode.i_block, 1062 EXT2_N_BLOCKS*4); 1063 sb->s_jnl_blocks[15] = inode.i_size_high; 1064 sb->s_jnl_blocks[16] = inode.i_size; 1065 sb->s_jnl_backup_type = EXT3_JNL_BACKUP_BLOCKS; 1066 ext2fs_mark_super_dirty(fs); 1067 fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY; 1068 } 1069 } 1070 1071 /* 1072 * If the journal is already the hidden inode, then do nothing 1073 */ 1074 if (sb->s_journal_inum == EXT2_JOURNAL_INO) 1075 return; 1076 1077 /* 1078 * The journal inode had better have only one link and not be readable. 1079 */ 1080 if (inode.i_links_count != 1) 1081 return; 1082 1083 /* 1084 * If the filesystem is mounted, or we can't tell whether 1085 * or not it's mounted, do nothing. 1086 */ 1087 retval = ext2fs_check_if_mounted(ctx->filesystem_name, &mount_flags); 1088 if (retval || (mount_flags & EXT2_MF_MOUNTED)) 1089 return; 1090 1091 /* 1092 * If we can't find the name of the journal inode, then do 1093 * nothing. 1094 */ 1095 for (cpp = journal_names; *cpp; cpp++) { 1096 retval = ext2fs_lookup(fs, EXT2_ROOT_INO, *cpp, 1097 strlen(*cpp), 0, &ino); 1098 if ((retval == 0) && (ino == sb->s_journal_inum)) 1099 break; 1100 } 1101 if (*cpp == 0) 1102 return; 1103 1104 /* We need the inode bitmap to be loaded */ 1105 retval = ext2fs_read_bitmaps(fs); 1106 if (retval) 1107 return; 1108 1109 pctx.str = *cpp; 1110 if (!fix_problem(ctx, PR_0_MOVE_JOURNAL, &pctx)) 1111 return; 1112 1113 /* 1114 * OK, we've done all the checks, let's actually move the 1115 * journal inode. Errors at this point mean we need to force 1116 * an ext2 filesystem check. 1117 */ 1118 if ((retval = ext2fs_unlink(fs, EXT2_ROOT_INO, *cpp, ino, 0)) != 0) 1119 goto err_out; 1120 if ((retval = ext2fs_write_inode(fs, EXT2_JOURNAL_INO, &inode)) != 0) 1121 goto err_out; 1122 sb->s_journal_inum = EXT2_JOURNAL_INO; 1123 ext2fs_mark_super_dirty(fs); 1124 fs->flags &= ~EXT2_FLAG_MASTER_SB_ONLY; 1125 inode.i_links_count = 0; 1126 inode.i_dtime = ctx->now; 1127 if ((retval = ext2fs_write_inode(fs, ino, &inode)) != 0) 1128 goto err_out; 1129 1130 group = ext2fs_group_of_ino(fs, ino); 1131 ext2fs_unmark_inode_bitmap2(fs->inode_map, ino); 1132 ext2fs_mark_ib_dirty(fs); 1133 ext2fs_bg_free_inodes_count_set(fs, group, ext2fs_bg_free_inodes_count(fs, group) + 1); 1134 ext2fs_group_desc_csum_set(fs, group); 1135 fs->super->s_free_inodes_count++; 1136 return; 1137 1138err_out: 1139 pctx.errcode = retval; 1140 fix_problem(ctx, PR_0_ERR_MOVE_JOURNAL, &pctx); 1141 fs->super->s_state &= ~EXT2_VALID_FS; 1142 ext2fs_mark_super_dirty(fs); 1143 return; 1144} 1145 1146/* 1147 * This function makes sure the superblock hint for the external 1148 * journal is correct. 1149 */ 1150int e2fsck_fix_ext3_journal_hint(e2fsck_t ctx) 1151{ 1152 struct ext2_super_block *sb = ctx->fs->super; 1153 struct problem_context pctx; 1154 char uuid[37], *journal_name; 1155 struct stat st; 1156 1157 if (!ext2fs_has_feature_journal(sb) || 1158 uuid_is_null(sb->s_journal_uuid)) 1159 return 0; 1160 1161 uuid_unparse(sb->s_journal_uuid, uuid); 1162 journal_name = blkid_get_devname(ctx->blkid, "UUID", uuid); 1163 if (!journal_name) 1164 return 0; 1165 1166 if (stat(journal_name, &st) < 0) { 1167 free(journal_name); 1168 return 0; 1169 } 1170 1171 if (st.st_rdev != sb->s_journal_dev) { 1172 clear_problem_context(&pctx); 1173 pctx.num = st.st_rdev; 1174 if (fix_problem(ctx, PR_0_EXTERNAL_JOURNAL_HINT, &pctx)) { 1175 sb->s_journal_dev = st.st_rdev; 1176 ext2fs_mark_super_dirty(ctx->fs); 1177 } 1178 } 1179 1180 free(journal_name); 1181 return 0; 1182} 1183